1 files changed, 87 insertions, 99 deletions
diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc
index 8adadc0..49fd2ca 100644
--- a/src/etc/inc/interfaces.inc
+++ b/src/etc/inc/interfaces.inc
@@ -33,12 +33,6 @@
 	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 	POSSIBILITY OF SUCH DAMAGE.
-
-	pfSense_BUILDER_BINARIES:	/sbin/dhclient	/bin/sh	/usr/bin/grep	/usr/bin/xargs	/usr/bin/awk	/usr/local/sbin/choparp
-	pfSense_BUILDER_BINARIES:	/sbin/ifconfig	/sbin/route	/usr/sbin/ngctl	/usr/sbin/arp	/bin/kill	/usr/local/sbin/mpd5
-	pfSense_BUILDER_BINARIES:	/usr/local/sbin/dhcp6c
-	pfSense_MODULE:	interfaces
-
 */
 
 /* include all configuration functions */
@@ -228,28 +222,29 @@ function interface_vlan_configure(&$vlan) {
 		return;
 	}
 	$if = $vlan['if'];
-	$vlanif = empty($vlan['vlanif']) ? "{$if}_vlan{$vlan['tag']}" : $vlan['vlanif'];
-	$tag = $vlan['tag'];
-
 	if (empty($if)) {
 		log_error(gettext("interface_vlan_configure called with if undefined."));
 		return;
 	}
 
+	$vlanif = empty($vlan['vlanif']) ? "{$if}_vlan{$vlan['tag']}" : $vlan['vlanif'];
+	$tag = $vlan['tag'];
+	$pcp  = empty($vlan['pcp']) ? 0 : $vlan['pcp'];	/* Apply "Best Effort" if not set */
+
 	/* make sure the parent interface is up */
 	interfaces_bring_up($if);
 	/* Since we are going to add vlan(4) try to enable all that hardware supports. */
 	pfSense_interface_capabilities($if, IFCAP_VLAN_HWTAGGING|IFCAP_VLAN_MTU|IFCAP_VLAN_HWFILTER);
 
 	if (!empty($vlanif) && does_interface_exist($vlanif)) {
-		interface_bring_down($vlanif, true);
-	} else {
-		$tmpvlanif = pfSense_interface_create("vlan");
-		pfSense_interface_rename($tmpvlanif, $vlanif);
-		pfSense_ngctl_name("{$tmpvlanif}:", $vlanif);
+		pfSense_interface_destroy($vlanif);
 	}
 
-	pfSense_vlan_create($vlanif, $if, $tag);
+	$tmpvlanif = pfSense_interface_create("vlan");
+	pfSense_interface_rename($tmpvlanif, $vlanif);
+	pfSense_ngctl_name("{$tmpvlanif}:", $vlanif);
+
+	pfSense_vlan_create($vlanif, $if, $tag, $pcp);
 
 	interfaces_bring_up($vlanif);
 
@@ -807,6 +802,7 @@ function interface_gre_configure(&$gre, $grekey = "") {
 
 	$realif = get_real_interface($gre['if']);
 	$realifip = get_interface_ip($gre['if']);
+	$realifip6 = get_interface_ipv6($gre['if']);
 
 	/* make sure the parent interface is up */
 	interfaces_bring_up($realif);
@@ -820,7 +816,11 @@ function interface_gre_configure(&$gre, $grekey = "") {
 	}
 
 	/* Do not change the order here for more see gre(4) NOTES section. */
-	mwexec("/sbin/ifconfig {$greif} tunnel {$realifip} " . escapeshellarg($gre['remote-addr']));
+	if (is_ipaddrv6($gre['remote-addr'])) {
+		mwexec("/sbin/ifconfig {$greif} inet6 tunnel {$realifip6} " . escapeshellarg($gre['remote-addr']));
+	} else {
+		mwexec("/sbin/ifconfig {$greif} tunnel {$realifip} " . escapeshellarg($gre['remote-addr']));
+	}
 	if ((is_ipaddrv6($gre['tunnel-local-addr'])) || (is_ipaddrv6($gre['tunnel-remote-addr']))) {
 		/* XXX: The prefixlen argument for tunnels of ipv6 is useless since it needs to be 128 as enforced by kernel */
 		//mwexec("/sbin/ifconfig {$greif} inet6 " . escapeshellarg($gre['tunnel-local-addr']) . " " . escapeshellarg($gre['tunnel-remote-addr']) . " prefixlen /" . escapeshellarg($gre['tunnel-remote-net']));
@@ -936,7 +936,11 @@ function interface_gif_configure(&$gif, $gifkey = "") {
 	}
 
 	/* Do not change the order here for more see gif(4) NOTES section. */
-	mwexec("/sbin/ifconfig {$gifif} tunnel {$realifip} " . escapeshellarg($gif['remote-addr']));
+	if (is_ipaddrv6($gif['remote-addr'])) {
+		mwexec("/sbin/ifconfig {$gifif} inet6 tunnel {$realifip} " . escapeshellarg($gif['remote-addr']));
+	} else {
+		mwexec("/sbin/ifconfig {$gifif} tunnel {$realifip} " . escapeshellarg($gif['remote-addr']));
+	}
 	if ((is_ipaddrv6($gif['tunnel-local-addr'])) || (is_ipaddrv6($gif['tunnel-remote-addr']))) {
 		/* XXX: The prefixlen argument for tunnels of ipv6 is useless since it needs to be 128 as enforced by kernel */
 		//mwexec("/sbin/ifconfig {$gifif} inet6 " . escapeshellarg($gif['tunnel-local-addr']) . " " . escapeshellarg($gif['tunnel-remote-addr']) . " prefixlen /" . escapeshellarg($gif['tunnel-remote-net']));
@@ -1621,7 +1625,7 @@ function interface_ppps_configure($interface) {
 				interfaces_bring_up($port);
 				pfSense_ngctl_attach(".", $port);
 				/* Enable setautosrc to automatically change mac address if parent interface's changes */
-				mwexec("ngctl msg {$port}: setautosrc 1");
+				mwexec("/usr/sbin/ngctl msg {$port}: setautosrc 1");
 				break;
 			case "pptp":
 			case "l2tp":
@@ -2019,8 +2023,8 @@ EOD;
 	/* we only support the 3gstats.php for huawei modems for now. Will add more later. */
 	/* We should be able to launch the right version for each modem */
 	/* We can also guess the mondev from the manufacturer */
-	exec("usbconfig | egrep -ie '(huawei)'", $usbmodemoutput);
-	mwexec("/bin/ps auxww|grep \"{$interface}\" |grep \"[3]gstats\" | awk '{print $2}' |xargs kill");
+	exec("/usr/sbin/usbconfig | /usr/bin/egrep -ie '(huawei)'", $usbmodemoutput);
+	mwexec("/bin/ps auxww | /usr/bin/grep \"{$interface}\" | /usr/bin/grep \"[3]gstats\" | /usr/bin/awk '{print $2}' | /usr/bin/xargs kill");
 	foreach ($ports as $port) {
 		if (preg_match("/huawei/i", implode("\n", $usbmodemoutput))) {
 			$mondev = substr(basename($port), 0, -1);
@@ -2653,29 +2657,8 @@ function interface_wireless_configure($if, &$wl, &$wlcfg) {
 		$wlcmd[] = "-wme";
 	}
 
-	/* set up wep if enabled */
-	$wepset = "";
-	if (isset($wlcfg['wep']['enable']) && is_array($wlcfg['wep']['key'])) {
-		switch ($wlcfg['wpa']['auth_algs']) {
-			case "1":
-				$wepset .= "authmode open wepmode on ";
-				break;
-			case "2":
-				$wepset .= "authmode shared wepmode on ";
-				break;
-			case "3":
-				$wepset .= "authmode mixed wepmode on ";
-		}
-		$i = 1;
-		foreach ($wlcfg['wep']['key'] as $wepkey) {
-			$wepset .= "wepkey " . escapeshellarg("{$i}:{$wepkey['value']}") . " ";
-			if (isset($wepkey['txkey'])) {
-				$wlcmd[] = "weptxkey {$i} ";
-			}
-			$i++;
-		}
-		$wlcmd[] = $wepset;
-	} else if (isset($wlcfg['wpa']['enable'])) {
+	/* Enable wpa if it's configured. No WEP support anymore. */
+	if (isset($wlcfg['wpa']['enable'])) {
 		$wlcmd[] = "authmode wpa wepmode off ";
 	} else {
 		$wlcmd[] = "authmode open wepmode off ";
@@ -2732,7 +2715,6 @@ ctrl_interface_group=wheel
 #macaddr_acl={$wlcfg['wpa']['macaddr_acl']}
 ssid={$wlcfg['ssid']}
 debug={$wlcfg['wpa']['debug_mode']}
-auth_algs={$wlcfg['wpa']['auth_algs']}
 wpa={$wlcfg['wpa']['wpa_mode']}
 wpa_key_mgmt={$wlcfg['wpa']['wpa_key_mgmt']}
 wpa_pairwise={$wlcfg['wpa']['wpa_pairwise']}
@@ -3294,57 +3276,55 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven
 		}
 	}
 
-	// Limit the MTU to 1500 if no explicit MTU configured
-	if ($wantedmtu == 0 && get_interface_mtu($mtuif) > 1500) {
-		$wantedmtu = 1500;
+	// Set the MTU to 1500 if no explicit MTU configured
+	if ($wantedmtu == 0) {
+		$wantedmtu = 1500; /* Default */
 	}
 
-	if ($wantedmtu != 0) {
-		if (stristr($mtuif, "_vlan")) {
-			$assignedparent = convert_real_interface_to_friendly_interface_name($mtuhwif);
-			if (!empty($assignedparent) && !empty($config['interfaces'][$assignedparent]['mtu'])) {
-				$parentmtu = $config['interfaces'][$assignedparent]['mtu'];
-				if ($wancfg['mtu'] > $parentmtu) {
-					log_error("There is a conflict on MTU between parent {$mtuhwif} and VLAN({$mtuif})");
-				}
-			} else {
-				$parentmtu = 0;
+	if (stristr($mtuif, "_vlan")) {
+		$assignedparent = convert_real_interface_to_friendly_interface_name($mtuhwif);
+		if (!empty($assignedparent) && !empty($config['interfaces'][$assignedparent]['mtu'])) {
+			$parentmtu = $config['interfaces'][$assignedparent]['mtu'];
+			if ($wancfg['mtu'] > $parentmtu) {
+				log_error("There is a conflict on MTU between parent {$mtuhwif} and VLAN({$mtuif})");
 			}
+		} else {
+			$parentmtu = 0;
+		}
 
-			$parentmtu = interface_vlan_mtu_configured($mtuhwif, $parentmtu);
+		$parentmtu = interface_vlan_mtu_configured($mtuhwif, $parentmtu);
 
-			if (get_interface_mtu($mtuhwif) != $parentmtu) {
-				pfSense_interface_mtu($mtuhwif, $parentmtu);
-			}
+		if (get_interface_mtu($mtuhwif) != $parentmtu) {
+			pfSense_interface_mtu($mtuhwif, $parentmtu);
+		}
 
-			/* All vlans need to use the same mtu value as their parent. */
-			interface_vlan_adapt_mtu(link_interface_to_vlans($mtuhwif), $parentmtu);
-		} else if (substr($mtuif, 0, 4) == 'lagg') {
-			/* LAGG interface must be destroyed and re-created to change MTU */
-			if ($wantedmtu != get_interface_mtu($mtuif)) {
-				if (isset($config['laggs']['lagg']) && is_array($config['laggs']['lagg'])) {
-					foreach ($config['laggs']['lagg'] as $lagg) {
-						if ($lagg['laggif'] == $mtuif) {
-							interface_lagg_configure($lagg);
-							break;
-						}
+		/* All vlans need to use the same mtu value as their parent. */
+		interface_vlan_adapt_mtu(link_interface_to_vlans($mtuhwif), $parentmtu);
+	} else if (substr($mtuif, 0, 4) == 'lagg') {
+		/* LAGG interface must be destroyed and re-created to change MTU */
+		if ($wantedmtu != get_interface_mtu($mtuif)) {
+			if (isset($config['laggs']['lagg']) && is_array($config['laggs']['lagg'])) {
+				foreach ($config['laggs']['lagg'] as $lagg) {
+					if ($lagg['laggif'] == $mtuif) {
+						interface_lagg_configure($lagg);
+						break;
 					}
 				}
 			}
-		} else {
-			if ($wantedmtu != get_interface_mtu($mtuif)) {
-				pfSense_interface_mtu($mtuif, $wantedmtu);
-			}
+		}
+	} else {
+		if ($wantedmtu != get_interface_mtu($mtuif)) {
+			pfSense_interface_mtu($mtuif, $wantedmtu);
+		}
 
-			/* This case is needed when the parent of vlans is being configured */
-			$vlans = link_interface_to_vlans($mtuif);
-			if (is_array($vlans)) {
-				interface_vlan_adapt_mtu($vlans, $wantedmtu);
-			}
-			unset($vlans);
+		/* This case is needed when the parent of vlans is being configured */
+		$vlans = link_interface_to_vlans($mtuif);
+		if (is_array($vlans)) {
+			interface_vlan_adapt_mtu($vlans, $wantedmtu);
 		}
-		/* XXX: What about gre/gif/.. ? */
+		unset($vlans);
 	}
+	/* XXX: What about gre/gif/.. ? */
 
 	switch ($wancfg['ipaddr']) {
 		case 'dhcp':
@@ -4473,7 +4453,7 @@ function convert_real_interface_to_friendly_interface_name($interface = "wan", $
 	if (stripos($interface, "_vip")) {
 		foreach ($config['virtualip']['vip'] as $counter => $vip) {
 			if ($vip['mode'] == "carp") {
-				if ($interface == "{$vip['interface']}_vip{$vip['vhid']}") {
+				if ($interface == "_vip{$vip['uniqid']}") {
 					return $vip['interface'];
 				}
 			}
@@ -4546,7 +4526,7 @@ function convert_friendly_interface_to_friendly_descr($interface) {
 				if (is_array($config['virtualip']['vip'])) {
 					foreach ($config['virtualip']['vip'] as $counter => $vip) {
 						if ($vip['mode'] == "carp") {
-							if ($interface == "{$vip['interface']}_vip{$vip['vhid']}") {
+							if ($interface == "_vip{$vip['uniqid']}") {
 								return "{$vip['subnet']} - {$vip['descr']}";
 							}
 						}
@@ -4706,6 +4686,7 @@ function get_real_interface($interface = "wan", $family = "all", $realv6iface =
 		case "openvpn":
 			$wanif = "openvpn";
 			break;
+		case "IPsec":
 		case "ipsec":
 		case "enc0":
 			$wanif = "enc0";
@@ -4715,7 +4696,7 @@ function get_real_interface($interface = "wan", $family = "all", $realv6iface =
 			break;
 		default:
 			if (substr($interface, 0, 4) == '_vip') {
-				$wanif = get_configured_carp_interface_list($interface, '', 'iface');
+				$wanif = get_configured_carp_interface_list($interface, $family, 'iface');
 				if (!empty($wanif)) {
 					$wanif = get_real_interface($wanif, $family);
 				}
@@ -4899,7 +4880,7 @@ function find_virtual_ip_alias($ip, $bits = null) {
  *   find_number_of_created_carp_interfaces: return the number of carp interfaces
  */
 function find_number_of_created_carp_interfaces() {
-	return `/sbin/ifconfig | grep "carp:" | wc -l`;
+	return `/sbin/ifconfig | /usr/bin/grep "carp:" | /usr/bin/wc -l`;
 }
 
 /*
@@ -5370,11 +5351,19 @@ function get_possible_listen_ips($include_ipv6_link_local=false) {
 	/* XXX: Maybe use array_merge below? */
 	$carplist = get_configured_carp_interface_list();
 	foreach ($carplist as $cif => $carpip) {
-		$interfaces[$cif] = $carpip . ' (' . get_vip_descr($carpip) . ')';
+		if (get_vip_descr($carpip)) {
+			$interfaces[$cif] = $carpip . ' (' . get_vip_descr($carpip) . ')';
+		} else {
+			$interfaces[$cif] = $carpip;
+		}
 	}
 	$aliaslist = get_configured_ip_aliases_list();
 	foreach ($aliaslist as $aliasip => $aliasif) {
-		$interfaces[$aliasip] = $aliasip . ' (' . get_vip_descr($aliasip) . ')';
+		if (get_vip_descr($aliasip)) {
+			$interfaces[$aliasip] = $aliasip . ' (' . get_vip_descr($aliasip) . ')';
+		} else {
+			$interfaces[$aliasip] = $aliasip;
+		}
 	}
 
 	$interfaces['lo0'] = 'Localhost';
@@ -5401,17 +5390,16 @@ function get_possible_traffic_source_addresses($include_ipv6_link_local=false) {
 
 function get_interface_ip($interface = "wan") {
 
-	$realif = get_failover_interface($interface);
+	$realif = get_failover_interface($interface, 'inet');
 	if (!$realif) {
 		return null;
 	}
 
-	if (substr($realif, 0, 4) == '_vip') {
-		return get_configured_carp_interface_list($realif, 'inet', 'ip');
-	}
-
-	if (strstr($realif, "_vip")) {
-		return get_configured_carp_interface_list($realif);
+	if (substr($interface, 0, 4) == '_vip') {
+		return get_configured_carp_interface_list($interface, 'inet', 'ip');
+	} else if (substr($interface, 0, 5) == '_lloc') {
+		/* No link-local address for v4. */
+		return null;
 	}
 
 	$curip = find_interface_ip($realif);
@@ -5430,9 +5418,9 @@ function get_interface_ipv6($interface = "wan", $flush = false) {
 		return null;
 	}
 
-	if (substr($realif, 0, 4) == '_vip') {
-		return get_configured_carp_interface_list($realif, 'inet6', 'ip');
-	} else if (substr($realif, 0, 5) == '_lloc') {
+	if (substr($interface, 0, 4) == '_vip') {
+		return get_configured_carp_interface_list($interface, 'inet6', 'ip');
+	} else if (substr($interface, 0, 5) == '_lloc') {
 		return get_interface_linklocal($interface);
 	}